Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/gWh6Wk1LztjLY4cJieIrlrOv81k.roa
File: gWh6Wk1LztjLY4cJieIrlrOv81k.roa (raw, json)
Hash identifier: X+mt5gykzuaxS7MckaWIkBuTxnA4YhoMqCK0nkS2JBw=
Subject key identifier: 81:68:7A:5A:4D:4B:CE:D8:CB:63:87:09:89:E2:2B:96:B3:AF:F3:59
Certificate issuer: /CN=b26bb4333efe9e14c4831b05821416e5c55bdf42
Certificate serial: 018CC64B361EF807E77A23C370E15050355A
Authority key identifier: B2:6B:B4:33:3E:FE:9E:14:C4:83:1B:05:82:14:16:E5:C5:5B:DF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smu0Mz7-nhTEgxsFghQW5cVb30I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/gWh6Wk1LztjLY4cJieIrlrOv81k.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.212.235.0/24 maxlen: 24
2001:7f8:9f::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/smu0Mz7-nhTEgxsFghQW5cVb30I.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/smu0Mz7-nhTEgxsFghQW5cVb30I.mft
rsync://rpki.ripe.net/repository/DEFAULT/smu0Mz7-nhTEgxsFghQW5cVb30I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:36:1e:f8:07:e7:7a:23:c3:70:e1:50:50:35:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b26bb4333efe9e14c4831b05821416e5c55bdf42
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81687a5a4d4bced8cb63870989e22b96b3aff359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:83:65:6b:70:5c:75:d5:ab:08:55:56:b4:36:
45:d5:12:22:70:26:8e:3e:6b:01:f9:3f:00:6d:22:
92:ba:50:92:de:32:c4:8b:1f:d2:68:b1:c9:ee:8d:
89:61:93:be:96:4a:a2:85:4f:fa:da:32:2a:bf:e4:
42:4f:c2:d6:e2:0b:0d:23:ee:4d:75:c0:d1:ef:be:
ea:3b:0c:f4:a9:88:23:33:de:e5:1c:cc:c9:24:98:
9b:bd:18:19:39:d0:64:45:c4:b0:38:82:59:f2:a6:
da:36:2a:df:18:62:ca:12:2b:58:7a:ff:89:71:a3:
cb:ab:a5:96:f7:26:dd:aa:73:31:57:bb:4d:11:be:
23:5d:57:b1:c8:00:eb:55:94:60:0c:7f:e8:aa:5b:
92:ec:dc:36:d8:02:dd:2b:16:59:5e:58:e0:cc:9b:
07:79:13:f1:d9:6c:f8:40:89:54:3b:03:f9:e0:d0:
34:4a:33:f3:0c:cd:97:f8:0c:fc:5f:c0:5a:d0:50:
c2:3b:f7:1f:d5:a4:a4:02:88:bb:73:b2:58:7a:25:
7a:e3:65:58:46:1c:f0:64:33:8f:97:b0:fb:52:8e:
1b:2d:47:60:87:e2:57:46:78:a2:41:e0:31:fb:6b:
c9:fa:77:9c:c6:13:dd:37:08:b5:65:5c:68:0a:b5:
a0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:68:7A:5A:4D:4B:CE:D8:CB:63:87:09:89:E2:2B:96:B3:AF:F3:59
X509v3 Authority Key Identifier:
keyid:B2:6B:B4:33:3E:FE:9E:14:C4:83:1B:05:82:14:16:E5:C5:5B:DF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smu0Mz7-nhTEgxsFghQW5cVb30I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/gWh6Wk1LztjLY4cJieIrlrOv81k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/ad1301-149c-4c21-98b3-446a8913d4b8/1/smu0Mz7-nhTEgxsFghQW5cVb30I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.235.0/24
IPv6:
2001:7f8:9f::/64
Signature Algorithm: sha256WithRSAEncryption
71:ed:0f:93:a4:2c:44:b9:89:2a:2b:9a:d3:83:b5:c9:33:ae:
b0:ed:58:e3:3a:4f:f0:76:31:e5:38:db:3b:42:16:18:3d:97:
44:48:a6:8d:2c:b5:41:01:51:41:ad:14:e5:04:43:85:c8:82:
c1:39:08:35:a5:5d:5d:cd:83:47:d8:a4:c6:1d:5c:18:f3:a9:
b8:8f:76:7e:0c:a0:f4:02:ee:2d:c9:eb:9b:91:2a:29:3b:5a:
36:44:eb:14:b0:b4:1d:5c:2d:98:19:2f:4a:e0:50:51:af:a6:
cb:71:0b:91:3c:51:af:fb:7c:5e:b4:d5:6c:6b:44:2b:af:80:
71:f1:b0:0d:8c:19:a1:6e:85:10:bf:32:59:5e:b2:c5:44:91:
5a:2b:cc:d4:84:ef:0b:5d:51:99:8a:65:2a:f2:be:52:ce:26:
f4:1b:57:4a:a5:db:c7:63:8b:7a:dc:14:76:15:4f:3c:53:12:
99:83:a1:56:e3:ec:c8:3e:2e:af:29:2b:d5:18:f6:f6:81:c3:
5f:58:83:82:1b:36:b4:d9:5a:87:ef:21:be:9a:73:d9:7f:a7:
93:ec:1b:57:61:8c:41:5d:34:69:ce:d8:87:e7:d7:fb:a9:32:
ed:5a:69:1a:6d:4a:77:18:43:27:76:f6:95:35:f9:fd:c3:94:
b2:61:e7:90
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzGSzYe+AfneiPDcOFQUDVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNmJiNDMzM2VmZTllMTRjNDgzMWIwNTgyMTQxNmU1YzU1
YmRmNDIwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY4N2E1YTRkNGJjZWQ4Y2I2Mzg3MDk4OWUyMmI5NmIzYWZmMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhINla3BcddWrCFVWtDZF1RIicCaO
PmsB+T8AbSKSulCS3jLEix/SaLHJ7o2JYZO+lkqihU/62jIqv+RCT8LW4gsNI+5N
dcDR777qOwz0qYgjM97lHMzJJJibvRgZOdBkRcSwOIJZ8qbaNirfGGLKEitYev+J
caPLq6WW9ybdqnMxV7tNEb4jXVexyADrVZRgDH/oqluS7Nw22ALdKxZZXljgzJsH
eRPx2Wz4QIlUOwP54NA0SjPzDM2X+Az8X8Ba0FDCO/cf1aSkAoi7c7JYeiV642VY
RhzwZDOPl7D7Uo4bLUdgh+JXRniiQeAx+2vJ+necxhPdNwi1ZVxoCrWgGQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFIFoelpNS87Yy2OHCYniK5azr/NZMB8GA1UdIwQY
MBaAFLJrtDM+/p4UxIMbBYIUFuXFW99CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc211ME16Ny1uaFRFZ3hzRmdoUVc1Y1ZiMzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hZDEzMDEtMTQ5Yy00YzIxLTk4YjMt
NDQ2YTg5MTNkNGI4LzEvZ1doNldrMUx6dGpMWTRjSmllSXJsck92ODFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hZDEzMDEtMTQ5Yy00YzIxLTk4YjMtNDQ2YTg5MTNkNGI4
LzEvc211ME16Ny1uaFRFZ3hzRmdoUVc1Y1ZiMzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQAW9TrMBEE
AgACMAsDCQAgAQf4AJ8AADANBgkqhkiG9w0BAQsFAAOCAQEAce0Pk6QsRLmJKiua
04O1yTOusO1Y4zpP8HYx5TjbO0IWGD2XREimjSy1QQFRQa0U5QRDhciCwTkINaVd
Xc2DR9ikxh1cGPOpuI92fgyg9ALuLcnrm5EqKTtaNkTrFLC0HVwtmBkvSuBQUa+m
y3ELkTxRr/t8XrTVbGtEK6+AcfGwDYwZoW6FEL8yWV6yxUSRWivM1ITvC11RmYpl
KvK+Us4m9BtXSqXbx2OLetwUdhVPPFMSmYOhVuPsyD4urykr1Rj29oHDX1iDghs2
tNlah+8hvppz2X+nk+wbV2GMQV00ac7Yh+fX+6ky7VppGm1KdxhDJ3b2lTX5/cOU
smHnkA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:54:11 2024 by rpki-client on console-ams.rpki-client.org